Jon Dufresne
331ca5391e
Fixed #27175 -- Deprecated silencing exceptions from the {% include %} template tag.
...
Thanks Tim Graham for the review.
2016-09-08 18:24:22 -07:00
Jon Dufresne
66e1ebbffc
Fixed #26956 -- Added success_url_allowed_hosts to LoginView and LogoutView.
...
Allows specifying additional hosts to redirect after login and log out.
2016-09-07 19:56:25 -07:00
Jon Dufresne
f227b8d15d
Refs #26956 -- Allowed is_safe_url() to validate against multiple hosts
2016-09-07 19:56:25 -07:00
Nicola Jordan
978a00e39f
Fixed #27143 -- Allowed combining SearchQuery with more than one & or | operators.
2016-09-07 15:26:52 -04:00
Markus Gerards
2b64ff68cc
Fixed #27180 -- Fixed a crash in MySQL checks where SELECT @@sql_mode doesn't return a result.
2016-09-07 11:15:41 -04:00
Tim Graham
6a2af01452
Fixed #24865 -- Added remove_stale_contenttypes management command.
...
Thanks Simon Charette for the review.
2016-09-06 09:48:58 -04:00
Tim Graham
277fe2e8f2
Fixed #25788 -- Enabled the cached template loader if debug is False.
2016-09-03 09:06:33 -04:00
Daniel Hahler
b1d6b0a7b1
Fixed #26098 -- Used cdnjs.cloudflare for OpenLayers.js.
2016-09-03 06:52:25 -04:00
Shai Berger
c93ac9cf42
Refs #25850 , #27142 , #27110 -- Documented migration history consistency checks.
2016-09-01 18:49:10 -04:00
Tim Graham
de7f9758ac
Added stub release notes for 1.10.2.
2016-09-01 16:27:45 -04:00
Tim Graham
894df3e327
Added release date for 1.10.1.
2016-09-01 16:24:46 -04:00
Tim Graham
098c07a032
Fixed #27142 , #27110 -- Made makemigrations consistency checks respect database routers.
...
Partially reverted refs #27054 except for one of the tests as this
solution supersedes that one.
Thanks Shai Berger for the review.
2016-09-01 16:19:29 -04:00
Sergei Maertens
32c02f2a0e
Fixed #5908 -- Added {% resetcycle %} template tag.
...
Thanks to Simon Litchfield for the report, Uninen for the initial
patch, akaihola, jamesp, b.schube, and Florian Appoloner for
subsequent patches, tests, and documentation.
2016-09-01 15:52:21 -04:00
Ed Morley
d8ef5b0e65
Fixed #27152 -- Supported comma delimiter in memcached LOCATION string.
2016-08-31 17:23:41 -04:00
Ed Morley
65ec8fa8ca
Fixed #20892 -- Allowed configuring memcached client using OPTIONS.
...
Previously, the MemcachedCache backend ignored `OPTIONS` and
PyLibMCCache used them to set pylibmc behaviors. Both backends now
pass `OPTIONS` as keyword arguments to the client constructors.
2016-08-31 12:50:14 -04:00
Olexander Yermakov
b7fb608142
Fixed #27154 -- Allowed comparing CallableBool with bitwise or.
...
Thanks Tim for the review.
2016-08-31 08:27:37 -04:00
Kevan Swanberg
35504f74a8
Fixed #26685 -- Added dwithin lookup support on SpatiaLite.
2016-08-30 20:45:47 -04:00
Baptiste Mispelon
61b45dff6b
Fixed #27126 -- Made {% regroup %} return a namedtuple to ease unpacking.
2016-08-26 16:59:21 -04:00
Chris Jerdonek
42dcceba61
Fixed #26942 -- Added support for subtests during parallel testing.
2016-08-26 14:24:27 -04:00
Mattias Loverot
2315114090
Fixed #27067 -- Deprecated string_concat() in favor of format_lazy().
2016-08-25 16:12:40 -04:00
Claude Paroz
13c3e5d5a0
Fixed #25995 -- Added an encoder option to JSONField
...
Thanks Berker Peksag and Tim Graham for the reviews.
2016-08-25 21:42:42 +02:00
Akshesh
989f6108d3
Added class-based indexes to 1.11 release notes.
2016-08-25 09:51:54 -04:00
Tim Graham
4bc6b93994
Fixed #27039 -- Fixed empty data fallback to model field default in model forms.
2016-08-24 17:50:10 -04:00
Berker Peksag
3c18f8a3d2
Fixed #27111 -- Fixed KeyError if USERNAME_FIELD isn't in UserCreationForm.fields.
2016-08-24 13:20:12 -04:00
Simon Charette
d5c4ea5246
Fixed #27100 -- Included already applied migration changes in the pre-migrate state.
...
Refs #24100 .
Thanks Tim for the review.
2016-08-24 01:17:48 -04:00
Simon Charette
d1757d8df4
Fixed #27044 -- Included already applied migration changes in the post-migrate state when the execution plan is empty.
...
Refs #24100 .
Thanks tkhyn for the report and Tim for the review.
2016-08-24 01:17:18 -04:00
Tim Graham
ad25fe7350
Fixed #27089 -- Added database alias to InconsistentMigrationHistory message.
2016-08-23 17:39:58 -04:00
Collin Anderson
384f89f8f8
Fixed #26998 -- Reverted some admin checks from checking field.many_to_many back to isinstance(field, models.ManyToManyField).
...
This partially reverts 983c158da7
2016-08-23 16:00:12 -04:00
Chris Jerdonek
a3db480393
Fixed #27061 -- Added a TEST['TEMPLATE'] setting for PostgreSQL.
2016-08-23 15:08:20 -04:00
Helen Sherwood-Taylor
bc1e2d8e8e
Fixed #27018 -- Fixed admindocs crash with a view in a class.
...
Generated correct admindocs URLs on Python 3. URLs generate 404s on
Python 2, as in older versions of Django.
2016-08-20 10:01:57 -04:00
Przemysław Suliga
1f68bb5683
Refs #26902 -- Protected against insecure redirects in set_language().
2016-08-19 19:16:00 -04:00
Przemysław Suliga
549b90fab3
Refs #26902 -- Protected against insecure redirects in Login/LogoutView.
2016-08-19 19:01:01 -04:00
Tim Graham
1d1e246db6
Removed DateTimeAwareJSONEncoder alias.
2016-08-19 15:00:16 -04:00
Matthew Wilkes
4f138fe5a4
Fixed #22288 -- Fixed F() expressions with the __range lookup.
2016-08-19 13:40:56 -04:00
Tim Graham
518eaf1fa2
Fixed #26807 -- Documented how to replicate SubfieldBase's assignment behavior.
2016-08-18 20:59:40 -04:00
Jon Dufresne
f5c6d3c8d9
Fixed #27068 -- Unified form field initial data retrieval.
2016-08-18 17:55:47 -07:00
Ian Foote
39f35d4b9d
Fixed #25871 -- Added expressions support to QuerySet.values().
2016-08-18 16:05:15 -04:00
Loïc Bistuer
d4eefc7e2a
Fixed #27073 -- Removed duplicated managers in `Model._meta.managers`.
2016-08-19 01:24:45 +07:00
Jim Nicholls
76ab885118
Fixed #27054 -- Fixed makemigrations crash with a read-only database.
2016-08-18 08:27:40 -04:00
Chris Lamb
97513269d7
Refs #26983 -- Added test for isnull lookup to CharField with primary_key=True.
2016-08-17 21:08:15 -04:00
Andreas Pelme
e76981b433
Fixed #26840 -- Added test.utils.setup/teardown_databases().
2016-08-17 13:55:04 -04:00
Tim Graham
7549eb0004
Fixed #27009 -- Made update_session_auth_hash() rotate the session key.
2016-08-15 19:29:12 -04:00
Tim Graham
937d752d3d
Fixed #27058 -- Reallowed the {% for %} tag to unpack any iterable.
...
Thanks Sergei Maertens for the report and patch.
2016-08-15 15:39:22 -04:00
Daniel Wiesmann
89f17e7caf
Fixed #27014 -- Fixed annotations with database functions on PostGIS.
...
Thanks Sean Mc Allister for providing a test.
2016-08-15 14:23:10 -04:00
Tim Graham
c6cd9f4ae2
Fixed typo in docs/releases/1.11.txt
2016-08-13 08:33:58 -04:00
Chris Jerdonek
5890b1613c
Fixed #27008 -- Added --debug-mode option to DiscoverRunner.
2016-08-12 20:43:17 -04:00
Michael Schwarz
72d541b61c
Fixed #27007 -- Handled non-UTF-8 bytes objects for text/* attachments.
...
The fallback logic which allows non-UTF-8 encoded files to be passed to
attach_file() even when a `text/*` mime type has been specified is
moved to attach(). Both functions now fall back to a content type of
`application/octet-stream`.
A side effect is that a file's content is decoded in memory instead of
opening it in text mode and reading it into a string.
Some mimetype-related logic in _create_attachment() has become
obsolete as the code moved from attach_file() to attach() already
handles this.
2016-08-12 16:35:09 -04:00
Jon Dufresne
fab46ce6f5
Fixed #27037 -- Prevented required attribute on ClearableFileInput when initial data exists.
2016-08-12 13:59:01 -04:00
Akshesh
f842d1011c
Refs #20888 -- Added index order introspection.
2016-08-12 11:51:09 -04:00
Tim Graham
5eab1f6f83
Fixed typo in docs/releases/1.9.txt
2016-08-12 07:29:29 -04:00
Moritz Sichert
08b8c46971
Refs #23960 -- Documented how to restore absolute redirect URLs.
2016-08-11 16:35:59 -04:00
Tim Graham
e2dfa81ff7
Refs #18682 -- Edited explanation in stale content type deletion.
...
Follow up to 8db889eaf7
.
2016-08-10 21:19:09 -04:00
Ed Morley
3c2447dd13
Fixed #26947 -- Added an option to enable the HSTS header preload directive.
2016-08-10 20:23:54 -04:00
Tim Graham
1e32e1cc95
Fixed #26973 -- Fixed views.static.serve() crash with show_indexes enabled.
2016-08-10 11:27:03 -04:00
jordij
0814566bf1
Fixed #26960 -- Added PasswordResetConfirmView option to automatically log in after a reset.
2016-08-10 10:23:16 -04:00
Chris Jerdonek
a3a5ef4d0e
Fixed #27035 -- Eased changing settings.DEBUG for DiscoverRunner.
2016-08-09 13:40:29 -04:00
Claude Paroz
ade681b9ad
Unified SpatiaLite spelling
2016-08-09 18:46:28 +02:00
Tim Graham
79a9603ba8
Corrected Django 1.8 EOL in 1.11 release notes.
2016-08-09 10:24:35 -04:00
Claude Paroz
a6baada7bd
Fixed #26940 -- Removed makemessages from no_settings_commands whitelist
...
As makemessages uses several settings for proper run (FILE_CHARSET,
LOCALE_PATHS, MEDIA_ROOT, and STATIC_ROOT), we should require settings
configuration for this command.
2016-08-08 19:52:57 +02:00
Simon Charette
b8e6e1b43b
Fixed #26500 -- Added SKIP LOCKED support to select_for_update().
...
Thanks Tim for the review.
2016-08-08 12:01:43 -04:00
Chris Jerdonek
e7fb724cd2
Fixed #27032 -- Prevented setup_test_environment() from being called twice.
2016-08-08 10:40:29 -04:00
Sjoerd Job Postmus
3246d2b4bb
Fixed #27026 -- Fixed state initialization of bulk_create() objects if can_return_ids_from_bulk_insert.
2016-08-06 10:24:57 -04:00
Ben Demboski
fc8f097117
Fixed #27027 -- Restored Client.force_login() defaulting to the first auth backend.
2016-08-06 08:41:41 -04:00
Jarek Glowacki
d117567c7d
Fixed #27004 -- Made migrations consistency check ignore unapplied squashed migrations.
2016-08-05 18:01:55 -04:00
Yoong Kang Lim
d30febb4e5
Fixed #26706 -- Made RelatedManager modification methods clear prefetch_related() cache.
2016-08-05 13:32:27 -04:00
Tim Graham
3c20aa49d7
Fixed #26986 -- Documented force_login() delegation to auth backends.
2016-08-05 10:52:30 -04:00
Jon Dufresne
50e299dbfb
Fixed #26928 -- Changed forms' checked attribute to HTML5 boolean style.
2016-08-04 19:16:54 -04:00
Chris Jerdonek
ebed9ee8d5
Fixed #26981 -- Added DiscoverRunner.get_test_runner_kwargs().
2016-08-04 14:45:44 -04:00
Claude Paroz
272eccf7ff
Fixed #26983 -- Fixed isnull filtering on ForeignKey with to_field
...
Thanks weidwonder for the report.
2016-08-04 16:05:21 +02:00
Tim Graham
5c63b3e5a7
Fixed #27005 -- Fixed crash if request.META[''CONTENT_LENGTH']=''.
2016-08-03 13:12:40 -04:00
Alex Hill
c5ebfda002
Fixed #27001 -- Fixed a query count regression in ModelChoiceField with RadioSelect.
2016-08-03 10:45:55 -04:00
Sergey Yurchenko
4e64e3bb6e
Fixed #26997 -- Fixed checks crash with empty Meta.default_permissions.
2016-08-03 09:14:01 -04:00
Tim Graham
f4b1f972dc
Fixed #26999 -- Documented model_to_dict() ManyToManyField change in 1.10.
2016-08-03 08:49:47 -04:00
Tim Graham
ccd5a23fba
Fixed #27000 -- Removed BaseCommand.usage() per deprecation timeline (refs #19973 ).
2016-08-02 18:50:12 -04:00
Tim Graham
54afa960d1
Fixed #26988 -- Improved/clarified User.is_authenticated/anonymous compatibility.
...
Thanks marktranchant for the report and review.
2016-08-02 11:01:08 -04:00
Tim Graham
d95c669c29
Fixed #26991 -- Fixed a crash in MySQL where SQL_AUTO_IS_NULL doesn't return a result.
2016-08-02 10:52:31 -04:00
Tim Graham
9af0a58756
Added stub release notes for 1.10.1.
2016-08-01 14:57:10 -04:00
Tim Graham
95b47c009b
Added release dates for 1.10 and 1.9.9
2016-08-01 13:55:08 -04:00
Sergey Fedoseev
9031a4c13b
Fixed #26657 -- Made GeomValue omit SRID for MySQL.
...
This fixes some test failures on MySQL 5.7+.
2016-07-28 16:51:47 -04:00
Andrew Nester
0ba179194b
Fixed #26929 -- Deprecated extra_context parameter of contrib.auth.views.logout_then_login().
2016-07-28 11:57:02 -04:00
Tim Graham
ec4a6b33a9
Fixed #26946 -- Clarified instructions for customizing collectstatic's ignore_patterns.
2016-07-25 10:05:40 -04:00
Markus Holtermann
e69091b34a
Refs #25232 -- Documented AllowAll*Backend in "new features" section of 1.10 release notes.
2016-07-25 09:09:54 -04:00
Jon Dufresne
348cfccd90
Fixed #26938 -- Fixed invalid HTML in template postmortem on the debug page.
2016-07-24 18:18:57 +02:00
Jon Dufresne
b2e54aec58
Added stub release notes for 1.9.9.
2016-07-24 18:18:57 +02:00
Tim Graham
bc53af13cb
Added CVE-2016-6186 to the security release archive.
2016-07-18 15:19:35 -04:00
Tim Graham
93c538694e
Fixed XSS in admin's add/change related popup.
...
This is a security fix.
2016-07-18 11:17:01 -04:00
Claude Paroz
255fb99284
Fixed #17209 -- Added password reset/change class-based views
...
Thanks Tim Graham for the review.
2016-07-16 10:36:12 +02:00
Claude Paroz
3e71f6544f
Fixed #26897 -- Fixed makemessages crash on Python 2 with non-ASCII file names
...
Thanks Tim Graham for the review.
2016-07-14 20:37:56 +02:00
Will Hardy
8ef78b8165
Fixed #26656 -- Added duration (timedelta) support to DjangoJSONEncoder.
2016-07-14 13:34:15 -04:00
Priy
a7b5dfd170
Fixed #26821 -- Fixed forms.Email/URLField crash on None value.
2016-07-14 12:59:14 -04:00
Tim Graham
944e66cb1d
Reverted "Fixed #25388 -- Added an option to allow disabling of migrations during test database creation"
...
This reverts commit 157d7f1f1d
since it
disables migrations all the time, not just during tests.
2016-07-14 09:21:28 -04:00
Jon Dufresne
2e4cfcd2b9
Fixed #26889 -- Fixed missing PostgreSQL index in SchemaEditor.add_field().
2016-07-13 14:33:54 -07:00
Tim Graham
ee2f0f311a
Linked "Features removed" release notes to corresponding deprecation notes.
2016-07-11 15:22:32 -04:00
Julien Hartmann
f4afb85d7e
Fixed #26749 -- Preserved behavior of use_for_related_field during deprecation.
2016-07-11 13:30:44 -04:00
Simon Charette
8a4f017f45
Fixed #26348 -- Added TruncTime and exposed it through the __time lookup.
...
Thanks Tim for the review.
2016-07-08 12:35:34 -04:00
Simon Charette
082c52dbed
Refs #25774 , #26348 -- Allowed Trunc functions to operate with time fields.
...
Thanks Josh for the amazing testing setup and Tim for the review.
2016-07-08 12:35:34 -04:00
Tim Graham
415ae960bb
Fixed capitalization of "URL pattern".
2016-07-06 15:31:12 -04:00
Erik Romijn
8db889eaf7
Fixed #18682 -- Expanded explanation in stale content type deletion. ( #6869 )
2016-07-03 15:55:14 +02:00
Berker Peksag
12b4280444
Fixed #21548 -- Added FileExtensionValidator and validate_image_file_extension.
2016-06-30 09:08:50 -04:00
Berker Peksag
52a991d976
Fixed #24694 -- Added support for context_processors to Jinja2 backend.
2016-06-28 14:30:54 -04:00
Berker Peksag
c1b6f554e4
Fixed #15091 -- Allowed passing custom encoder to JSON serializer.
2016-06-28 11:10:07 -04:00
Claude Paroz
9588718cd4
Fixed #5897 -- Added the Content-Length response header in CommonMiddleware
...
Thanks Tim Graham for the review.
2016-06-27 10:44:57 +02:00
Bang Dao + Tam Huynh
09119dff14
Fixed #26719 -- Normalized email in AbstractUser.clean().
2016-06-24 10:37:38 -04:00
Claude Paroz
78963495d0
Refs #17209 -- Added LoginView and LogoutView class-based views
...
Thanks Tim Graham for the review.
2016-06-24 10:45:13 +02:00
Tim Graham
81cdcb66bc
Fixed #26791 -- Replaced LiveServerTestCase port ranges with binding to port 0.
2016-06-23 12:04:05 -04:00
jasisz
b5a1c3a6f5
Fixed #25920 -- Added support for non-uniform NUMBER_GROUPING.
2016-06-22 17:28:49 -04:00
Zbigniew Siciarz
46338296aa
Fixed typo in 1.11 release notes.
2016-06-22 12:10:42 -04:00
Tim Graham
91c02ca7ba
Fixed a heading typo in docs/releases/1.11.txt
2016-06-22 11:16:18 -04:00
Tim Graham
39805686b3
Refs #21379 , #26719 -- Moved username normalization to AbstractBaseUser.
...
Thanks Huynh Thanh Tam for the initial patch and Claude Paroz for review.
2016-06-21 16:19:37 -04:00
Sergey Fedoseev
5ce660cd65
Fixed #25940 -- Added OGRGeometry.from_gml() and GEOSGeometry.from_gml().
2016-06-21 15:46:27 -04:00
Tim Graham
20d1cb33c2
Fixed #26787 -- Documented deleting and reloading of model instance fields.
...
Thanks Julien Hartmann for the report.
2016-06-21 14:39:17 -04:00
Tobias McNulty
17e661641d
Refs #26666 -- Added ALLOWED_HOSTS validation when running tests.
...
Also used ALLOWED_HOSTS to check for external hosts in assertRedirects().
2016-06-20 11:07:46 -04:00
Claude Paroz
f7a363ee1d
Fixed #26753 -- Made GDAL a required dependency for contrib.gis
...
Thanks Tim Graham for the review.
2016-06-18 10:58:02 +02:00
Jon Dufresne
267dc4addd
Fixed #4136 -- Made ModelForm save empty values for nullable CharFields as NULL.
...
Previously, empty values were saved as strings.
2016-06-13 09:14:36 -04:00
Vytis Banaitis
83120af2c1
Refs #26524 -- Fixed an error in 1.11 release notes.
2016-06-09 20:34:53 -04:00
Berker Peksag
ae2a7da86b
Fixed #20468 -- Added loaddata --exclude option.
...
Thanks Alex Morozov for the initial patch.
2016-06-09 10:35:32 -04:00
krishbharadwaj
f6681393d3
Fixing #26524 -- Made a foreign key id reference in ModelAdmin.list_display display the id.
2016-06-08 17:20:03 -04:00
Berker Peksag
724dd2043e
Fixed #26717 -- Added Serializer.stream_class to customize the stream.
2016-06-08 11:08:18 -04:00
Scott Vitale
be729b6120
Fixed #10107 -- Allowed using mark_safe() as a decorator.
...
Thanks ArcTanSusan for the initial patch.
2016-06-07 12:24:03 -04:00
wim glenn
5ebebd1159
Fixed #26707 -- Added QueryDict.fromkeys()
2016-06-06 08:54:25 -04:00
Tom Christie
da22079c21
Linked to upgrade guide from release notes.
2016-06-06 07:28:55 -04:00
Tim Graham
01e567864e
Added stub release notes for 1.9.8.
2016-06-04 19:58:14 -04:00
Tim Graham
1f5eb521a0
Added release date for 1.9.7.
2016-06-04 19:24:51 -04:00
Vytis Banaitis
2f9c4e2b6f
Fixed #19963 -- Added support for date_hierarchy across relations.
2016-06-04 12:14:02 -04:00
Holly Becker
55fec16aaf
Fixed #26628 -- Changed CSRF logger to django.security.csrf.
2016-06-04 10:17:06 -04:00
Anton I. Sipos
c3495bb984
Fixed #12666 -- Added EMAIL_USE_LOCALTIME setting.
...
When EMAIL_USE_LOCALTIME=True, send emails with a Date header
in the local time zone.
2016-06-04 09:55:50 -04:00
Tim Graham
e2296e7f0a
Fixed #26667 -- Fixed a regression in queries on a OneToOneField that has to_field and primary_key=True.
...
Thanks Simon Charette for review.
2016-06-04 08:04:51 -04:00
mieciu
19ff506878
Fixed #26698 -- Fixed PostgreSQL dbshell crash on an empty database name.
2016-06-03 12:30:21 -04:00
Will Koster
9899347641
Fixed #26638 -- Allowed callable arguments for QuerySet.get_or_create()/update_or_create() defaults.
2016-06-03 10:00:53 -04:00
jrabbit
d65e2899b2
Fixes #26700 -- Added how to upgrade to TEMPLATES link in 1.10 release notes.
2016-06-02 20:27:33 -04:00
Brad Melin
f6517a5335
Fixed #26672 -- Fixed HStoreField to raise ValidationError instead of crashing on non-dict JSON input.
2016-06-02 16:28:01 -04:00
Rustam Kashapov
df8412d2e5
Fixed #26617 -- Added distinct argument to contrib.postgres's StringAgg.
2016-06-02 13:48:35 -04:00
Tim Graham
149ace94df
Updated release notes links to prevent warnings with Sphinx 1.4.2.
2016-06-02 11:41:49 -04:00
Tim Graham
3db04d4422
Fixed #26084 -- Documented that deprecation warnings are no longer loud.
2016-06-01 15:17:25 -04:00
Tim Graham
bc84278615
Fixed #26675 -- Dropped support for PostgreSQL 9.2/PostGIS 2.0.
2016-06-01 07:45:22 -04:00
Tim Graham
47f22e8286
Fixed #25645 -- Dropped support for SpatiaLite < 4.0.
2016-05-31 11:31:51 -04:00
Ketan Bhatt
f31fbbae1a
Fixed #26653 -- Made SyndicationFeed.latest_post_date() return time in UTC.
2016-05-30 18:36:15 -04:00
Simon Charette
4f474607de
Fixed #26646 -- Added IOBase methods required by TextIOWrapper to File.
...
Thanks Tim for the review.
2016-05-27 21:05:58 -04:00
Tim Graham
0e7e47b5d7
Fixed #26652 -- Documented removal of model instance _(default/base)_manager attributes.
2016-05-27 10:36:16 -04:00
Tim Graham
1915a7e5c5
Increased the default PBKDF2 iterations.
2016-05-20 09:19:19 -04:00
Tim Graham
97c3dfe12e
Added stub 1.11 release notes.
2016-05-19 22:28:24 -04:00
Tim Graham
0eac5535f7
Removed unused sections in 1.10 release notes.
2016-05-19 11:49:15 -04:00
Shai Berger
5112e65ef2
Fixed #20869 -- made CSRF tokens change every request by salt-encrypting them
...
Note that the cookie is not changed every request, just the token retrieved
by the `get_token()` method (used also by the `{% csrf_token %}` tag).
While at it, made token validation strict: Where, before, any length was
accepted and non-ASCII chars were ignored, we now treat anything other than
`[A-Za-z0-9]{64}` as invalid (except for 32-char tokens, which, for
backwards-compatibility, are accepted and replaced by 64-char ones).
Thanks Trac user patrys for reporting, github user adambrenecki
for initial patch, Tim Graham for help, and Curtis Maloney,
Collin Anderson, Florian Apolloner, Markus Holtermann & Jon Dufresne
for reviews.
2016-05-19 05:02:19 +03:00
Barthelemy Dagenais
a5c8072ab1
Fixed #26627 -- Fixed on_commit callbacks execution order when callbacks make transactions.
2016-05-18 09:09:48 -04:00
Josh Smeaton
2a4af0ea43
Fixed #25774 -- Refactor datetime expressions into public API
2016-05-18 20:14:58 +10:00
Tim Graham
ece4d24f8e
Refs #26601 -- Deprecated old-style middleware.
2016-05-17 07:22:26 -04:00
Florian Apolloner
9baf692a58
Fixed #26601 -- Improved middleware per DEP 0005.
...
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-17 07:22:22 -04:00
Tim Graham
c999c8d8f6
Updated admin's jQuery to 2.2.3.
2016-05-17 07:20:06 -04:00
Loïc Bistuer
ed0ff913c6
Fixed #10506 , #13793 , #14891 , #25201 -- Introduced new APIs to specify models' default and base managers.
...
This deprecates use_for_related_fields.
Old API:
class CustomManager(models.Model):
use_for_related_fields = True
class Model(models.Model):
custom_manager = CustomManager()
New API:
class Model(models.Model):
custom_manager = CustomManager()
class Meta:
base_manager_name = 'custom_manager'
Refs #20932 , #25897 .
Thanks Carl Meyer for the guidance throughout this work.
Thanks Tim Graham for writing the docs.
2016-05-17 12:07:22 +07:00
Claude Paroz
526575c641
Fixed #21379 -- Created auth-specific username validators
...
Thanks Tim Graham for the review.
2016-05-16 19:37:57 +02:00